DirectDrive, is committed to respect your privacy and to comply with applicable data protection and privacy laws. This privacy policy (“Policy”) describes how we collect and use personal data where DirectDrive is the data controller or where we refer to the applicability of this Policy. This Policy does not apply to the processing of personal data that we carry out on behalf of our customers for the purpose of service provisioning. Such processing is subject to the terms and conditions applicable to the respective business offering. “Personal data” means information relating to you or another identifiable individual.
Software on your device may access your information. Our products or services may contain links to, or may be embedded within, other companies’ websites and services that have privacy policies of their own. Where our products or services are embedded to products and services of our customers, we require our customers to provide necessary transparency to you. This might include linking to this Policy and the relevant Supplements, or providing the transparency in integrated and embedded notices which identify us as the service provider or controller.
Logs and online usage information
When you access our services online, our web servers automatically create records of your visit. These records typically include IP-address, access times, the sites linked from, pages visited, the links and features used, the content viewed or requested, browser or application type, language and other such information.
Service improvement and research programs
We may invite you to join voluntary product and service improvement or research programs where detailed information is collected. See Supplements to this Policy for more details.
Information provided by partners
We obtain information from industry partners and a variety of other sources, including publicly available sources such as business registries. We take appropriate measures to ensure compliance with applicable laws including conducting vendor due diligence, establishing a valid legal basis for the transfer, and requiring or anonymization or other data minimization treatment prior to disclosure of the data to us in accordance with applicable laws and regulations.
Why do we process Personal Data?
DirectDrive may process your personal data for the following purposes. One or more purposes may apply simultaneously.
Providing products and services
We may use your personal data to provide you with our products and services, to process your requests and perform related transactions or as otherwise may be necessary to perform the contract between you and DirectDrive, to ensure the functionality and security of our products and services, as well as to prevent and investigate fraud and other misuses.
Developing and managing products and services
We may use your personal data to develop and manage our products, services, customer care, sales and marketing. We may combine personal data collected in connection with your use of a particular DirectDrive product and/or service with other personal data we may have about you, unless such personal data was collected for a purpose where the original purpose is incompatible with this purpose.
Communicating with you
We may use your personal data to communicate with you, for example to inform you that our services have changed or to send you critical alerts and other such notices relating to our products and/or services and to contact you for customer care related purposes.
Marketing, advertising and making recommendations
We may contact you to inform you of new products, services or promotions we may offer and to conduct market research when we have your consent or it is otherwise allowed. We may use your personal data to personalize our offering and to provide you with more relevant services, for example, to make recommendations and to display customized content and advertising in our services. This may include displaying DirectDrive and third party content.
Compliance
We may process your data to comply with legal obligations, safeguard individuals’ vital interests and safety, protect our rights or property.
What is our legal basis for processing your Personal Data?
Our legal basis for processing your personal data is dependent on the purpose for processing and may vary as described in the Supplement applicable to the product or service you are using. In general, we process your personal data under the following legal bases:
Your consent
We process your personal data if you have consented to the processing activity. You may revoke your consent at any time. Doing so will bar us from further processing of your personal data based on your consent, but will not impact the lawfulness of processing based on your consent before it was withdrawn. Some of the features of our products and services might be only available based on consent.
Legitimate interests
We process your personal data to further our legitimate interests, such as in connection with managing, developing, testing, securing, and in limited circumstances marketing, advertising, and making recommendations regarding our products and services. Any such processing is conducted subject to appropriate measures to protect your fundamental rights and freedoms related to your personal data, and in any event will be subject to the restrictions provided in this Policy. Further information or specification of our legitimate interests may be provided in relevant Supplements applicable to the product or service.
How long do we retain Personal Data?
We endeavor to only collect personal data that are necessary for the purposes for which they are collected, and to retain such data for no longer than is necessary for such purposes. The length of time personal data is retained, and criteria for determining that time, are dependent on the nature of the personal data and the purpose for which it was provided. For example, for your personal data related to managing your account (such as name, email address, and account content and preferences) are maintained for as long as they are retained by you within your account. Other data, such as records of your activity within the application, are typically maintained only for a short period before being anonymized or pseudonymized.
Your consent and social sharing services
We may share your personal data if we have your consent to do so. Some services may allow you to share your personal data with other users of the service or with other services and their users. Please consider carefully before disclosing any personal data or other information that might be accessible to other users.
Mandatory disclosures
We may be obligated by mandatory law to disclose your personal data to certain authorities or other third parties, for example, to law enforcement agencies in the countries where we or third parties acting on our behalf operate. We may also disclose and otherwise process your personal data in accordance with applicable law to defend DirectDrive legitimate interests, for example, in legal proceedings or in connection with governmental requests and filings.
How do we address the privacy of children?
DirectDrive products and services are typically intended for general audiences. DirectDrive does not knowingly collect information of children without the consent of their parents or guardians. DirectDrive publishes safety guidelines for using internet services in our websites.
How do we address Data Quality?
We take reasonable steps to keep the personal data we process accurate and to delete incorrect or unnecessary personal data. We encourage you to access your personal data through your account from time to time to ensure that it is up to date.
What steps are taken to safeguard Personal Data?
Privacy and security are key considerations in the creation and delivery of our products and services. We have assigned specific responsibilities to address privacy and security related matters. We enforce our internal policies and guidelines through an appropriate selection of activities, including proactive and reactive risk management, security and privacy engineering, training and assessments. We take appropriate steps to address online security, physical security, risk of data loss and other such risks taking into consideration the risk represented by the processing and the nature of the data being protected. Also, we limit access to our data bases containing personal data to authorized persons having a justified need to access such information.
What are your rights?
You have the following rights with respect to your personal data:
- to know what personal data we hold about you, and to access it;
- to have incomplete, incorrect, unnecessary or outdated personal data updated;
- to request that your personal data be erased;
- to obtain a copy of your data in a machine-readable format;
- to withdraw a previously granted consent to the processing of your data;
- to object to or restrict processing in certain circumstances, such as where you believe the data is inaccurate or the processing activity is unlawful.
You have a right to unsubscribe from direct marketing messages and to request that we stop processing your personal data for direct marketing purposes or on other compelling legal grounds.
Changes to this Privacy Policy
DirectDrive may from time to time change this Policy or change, modify or withdraw access to this site at any time with or without notice. However, if this Policy is changed in a material, adverse way, DirectDrive will post a notice advising of such change at the beginning of this Policy and on this site’s home page for 30 days. We recommend that you re-visit this Policy from time to time to learn of any such changes to this Policy.